seems to be the real output from this initiative, given the top post. Perhaps I ought to read the links just in case there is something more tangible...
It should be possible to sue for time wasted trying to get 620Kb free memory available to run some shitty Lucas Arts game (or a crappy network stack n client).
Before the "I had a few problems with punch cards" mob dives in - no one ever said that a batch system based on paper doilies would be easy.
On FF you'll need a plugin to "see" MHTML, whatever it is. It seems to be an unholy mix of HTML and MIME and sounds unpleasant and probably a bit unnecessary.
To be honest your findings fit my personal point of view and surely has this a major bearing on for example road safety.
I've grabbed a copy of your paper and will have to do a proper digest of it - a quick read shows it to be potentially pretty important in many fields of safety.
Good suff.
Cheers Jon
PS Its not my thing as such (I'm an IT bod) but it makes a damn good "news for nerds" story
Correct, it isn't universal but it is common for people to miss it.
You may have been lucky or you may be gifted - who knows but in this case (ie this discussion) we have two data points - I missed it and you didn't. Now even on/. that is not normally considered proof one way or the other.
Bugger - I'm going to have to do some research! Time for some reading, its almost as though a/. story might become interesting.
Right - I cry foul almost immediatly (I've only watch the first vid):
Its common(ish) knowledge that the visual field is very narrow. The fovea centralis http://en.wikipedia.org/wiki/Fovea_centralis only covers a very small area, and I'd be willing to bet (only a small amount) that causes the apparent lack of movement.
You are instructed to concentrate on the central dot and the gap to the ring seems to be big enough to put the dots outside of the fovea's view. However run it again and concentrate on the ring and yes, the dots still mostly seem to stop blinking, however you can still perceive blinking.
The rate of rotation is quite quick and there is a 60Hz refresh on my laptop screen - was that controlled for or even considered? What sort of screen was the real experiment carried out on?
I still say this is an optical illusion of some sort unless someone who knows what they are on about can convince me otherwise.
For [random deity]'s sake please stop the predator/prey bollocks.
For a large part of humanity, being lunched by a sabre toothed donkey has not been much of a worry for a very long time.
So why not couch your argument in terms that are relavent? Have a think and decide how long ago your ancestors would have worried about a tiger (rather than say being nobbled by the local feudal system or disease) and then decide what the "rate" of evolution is.
I'll grant you that the rate of evolutionary change is probably pretty slow - for a given value of slow.
However I still think that the standard language used in this sort of discussion, ie dropping in lines like "well that attribute allows man to spot a predatory sheep advancing across the plains".
Its time the beastiary was updated to take account of cars, trucks and white van man.
If someone wants to sound off on t'interwebs then surely they must do so within libel laws.
So in the case of the Bridezilla, if it was that important to a potential plaintiff, then a sub note to those postings noting a finding of libel would be the fair approach.
Publish and be damned - if you are a Twatter,/.er or whatever, there is a good chance that your First Amendment protected free speech can also be looked at from a libel perspective.
Now this simply raises the question that as it is much easier to "publish" to a potentially huge audience nowadays, should it also not also be simpler to sue for libel?
Then throw in multiple jurisdictions 'n' sets of laws to make it all properly complicated. For example, I couldn't give a monkeys about a First Amendment set of rights - there isn't one in the UKoGB!
The linked article mentions only that the law requires that data be held encrypted. That is not much use in this case where a SQL attack was used.
Does anyone know whether the law requires a certain standard for the front ends to the data. I'm pretty sure that PCI DSS - as another applicable standard - defines no such thing either.
I have to agree with you in part. I live in the UKoGB.
I hate driving along the M42 which runs east/west, south of Birmingham (Staffordshire, not Alabama!) it must be the most filmed piece of road in the world. There are surveillance cameras around every half a mile or less. It feels like someone is staring at you all the time. Our town centres are full of cameras but they is not quite so in your face as the M42 unless you look up.
However, a saying involving glass houses and stones comes to mind.
If you wish to claim some form of superiority in the media freedom stakes then I have to paraphrase a few comments made by my future daughter in law who comes from Florida:
- Your TV is so much less restricted than ours - We would never get swearing or nudity like that on our TV
We are not more uptight about sex than the USoA. This is about internet porn having the brown paper wrapper put over it, which is what happens to girlie mags nowadays. In the past they used to be merely put on the top shelf.
I am uneasy about any form of censorship but perhaps the media on the internet has to be treated like any other media distribution channel. Here our govt is attempting to do the right thing.
Yes it is a "wont someone think of the children" job but it seems nearly the correct approach.
Unfortunately unlike buying a copy of Penthouse (porn) in WH Smiths (news agents), the fact that you have opted in to online porn will be recorded somewhere and some of our other rather amusing laws (RIPA et al) can be used to get at that information.
My ISP (AAISP) actively encourage IPv4 address exhaustion AFAICT.
They gave me a/29 + a/32 for my router for home use and probably would have given me more if I'd asked. At work I asked for a/28 and got a/27.
They also give out a/48 IPv6 subnet to all customers and instructions for use. They can do IPv6 over PPPoA (this is the UKoGB) natively and provide a IPv6 to 4 tunnel broker for those that need it.
Have a look at your Spam Assassin headers and see that quite a lot of marks are not related to IP address. I have found DNSBLs handy up to now but I think I'll accept that as these lose their efficiency during IP version handover my spamds and MTAs will get a bit more of a battering for a while.
Never mind processing power is pretty cheap.
I have a customer with around 16 million unique IPs trying to get in each week - a spambot net of some sort (Russian and Chinese IP feature a lot). An Exim process is being spawned for each connection along with a spamd and possibly clamd session. The box is a dinky Dell single processor server and it barely breaks a sweat.
There's always pfSense as an alternative to m0n0wall. I run many of those under VMWare.
I chose it for its easy multi external link capabilities, after I gave up on Linux for this and was pleasantly surprised by its ease of use, stability and huge range of features.
It is nearly bullet proof as I discovered when one of a customer's VMFS died. All the other VMs fell over immediately but the pfSense router carried on running without its "hard disc" for two days before I replaced it. Internet access downtime was 2 seconds as I cut it over. Admittedly the web interface vanished but the routing, VPNs, firewall etc carried on running.
As to OWL, its a Linux distro so it will have no problems with being a VM - that's the whole point of virtualization. You might have to select "Linux other (64 bit)" but my many Gentoo's run happily like that
Why on earth should the devs even think about VMWare, HyperV, KVM or whatever - that's your job! Apart from considering making the guest tools pre-packaged what should they be doing? I doubt they care whether you spec your boxen from Dell. HP, IBM or PC World so why should they care whether it is physical or VM?
As to asking about RAM requirements - I'd suggest (without even having looked at it) >=256Mb depending what you do with it. I've no doubt that fact is covered on their web site. If you are using ESXi and not just playing on your home PC then the answer would probably be "who cares, RAM is cheap as chips"
Go on - try it, I might even do the same.
Cheers Jon
PS You have a 5 digit/.ID. Have you been moonlighting on other OSs for the last 10 years, asking such questions 8)
It sounds good but it only addresses one security aspect of a system. It runs on top of Java which I seem to recall is blessed with a few bugs - how do they avoid those including all the ones that will appear in future versions.
Then the Java stack sits on top of a OS and that is a massive "attack surface" or whatever is the current bullshit from the consultants (OK that includes me)
Then the OS sits on top of some sort of hardware with its own built in software (BIOS etc) problems.
Then the machine itself has a physical presence which can be subverted in amusing ways.
Then we have the users/devs/sysadmins that constitute another weak link.
Sounds a good idea though and the approach might be made to work down through the system. Perhaps it could be called Trusted Computing or something and would clearly need fronting by a consortium consisting of: AMD/Intel, Dell/HP/IBM,MS and Oracle - the fun loving group we can all trust to "Just Do It Right" (TM).
Slashdot Mirror
seems to be the real output from this initiative, given the top post. Perhaps I ought to read the links just in case there is something more tangible ...
Well Mr six dig, RanDomCapS 'n' punctuationeer extraordinare - who can say?
Apparently someone called Timothy left their name on the article for all to see.
This: https://www.microsoft.com/technet/security/advisory/2501696.mspx
was posted 28 Jan 2011.
When did you notice the bug? - We'd all love to hear your insights on it.
Cheers
Jon
You don't remember {MS|PC|IBM}DOS do you?
It should be possible to sue for time wasted trying to get 620Kb free memory available to run some shitty Lucas Arts game (or a crappy network stack n client).
Before the "I had a few problems with punch cards" mob dives in - no one ever said that a batch system based on paper doilies would be easy.
Cheers
Jon
Try using a search engine with the term MHTML and getting something like this: http://en.wikipedia.org/wiki/MHTML
On FF you'll need a plugin to "see" MHTML, whatever it is. It seems to be an unholy mix of HTML and MIME and sounds unpleasant and probably a bit unnecessary.
Cheers
Jon
>The French Revolution was illegal as hell, too.
And so was the (N) American one and many others as well.
The thing about the aftermath of a revolution - the winners get to redefine legality.
Cheers
Jon
Hilarious - perhaps you designed the Tacoma Narrows bridge.
Your comment clearly explains why I call myself a consultant and not an Engineer.
Cheers
Jon
You have a five digit /. ID and you ask a stupid question like that?
Presumably you were on the plonk, tired and emotional when you posted it.
Surely you see that your comment implies you have a nearly infinitely fast internet connection ...
Cheers
Jon
To be honest your findings fit my personal point of view and surely has this a major bearing on for example road safety.
I've grabbed a copy of your paper and will have to do a proper digest of it - a quick read shows it to be potentially pretty important in many fields of safety.
Good suff.
Cheers
Jon
PS Its not my thing as such (I'm an IT bod) but it makes a damn good "news for nerds" story
Correct, it isn't universal but it is common for people to miss it.
You may have been lucky or you may be gifted - who knows but in this case (ie this discussion) we have two data points - I missed it and you didn't. Now even on /. that is not normally considered proof one way or the other.
Cheers
Jon
Blimey - that's an answer from above!
Thanks for your response. Its rather more than you get on /. normally
Cheers
Jon
Or you are especially good at analyzing computer generated images.
I still hold that this is an optical illusion of some sort, possibly exacerbated by the presentation medium.
On the first vid are you able to see that the dots seem to stop flashing when rotating and you are absolutely concentrating on the central dot?
Cheers
Jon
Bugger - I'm going to have to do some research! Time for some reading, its almost as though a /. story might become interesting.
Right - I cry foul almost immediatly (I've only watch the first vid):
Its common(ish) knowledge that the visual field is very narrow. The fovea centralis http://en.wikipedia.org/wiki/Fovea_centralis only covers a very small area, and I'd be willing to bet (only a small amount) that causes the apparent lack of movement.
You are instructed to concentrate on the central dot and the gap to the ring seems to be big enough to put the dots outside of the fovea's view. However run it again and concentrate on the ring and yes, the dots still mostly seem to stop blinking, however you can still perceive blinking.
The rate of rotation is quite quick and there is a 60Hz refresh on my laptop screen - was that controlled for or even considered? What sort of screen was the real experiment carried out on?
I still say this is an optical illusion of some sort unless someone who knows what they are on about can convince me otherwise.
Cheers
Jon
For [random deity]'s sake please stop the predator/prey bollocks.
For a large part of humanity, being lunched by a sabre toothed donkey has not been much of a worry for a very long time.
So why not couch your argument in terms that are relavent? Have a think and decide how long ago your ancestors would have worried about a tiger (rather than say being nobbled by the local feudal system or disease) and then decide what the "rate" of evolution is.
I'll grant you that the rate of evolutionary change is probably pretty slow - for a given value of slow.
However I still think that the standard language used in this sort of discussion, ie dropping in lines like "well that attribute allows man to spot a predatory sheep advancing across the plains".
Its time the beastiary was updated to take account of cars, trucks and white van man.
IANAAVN and I too can't be arsed to read the paper either and of course I've only skimmed your response. Now for my speculation:
The classic gorilla in the room http://viscog.beckman.illinois.edu/grafs/demos/15.html experiment is a far better demonstration of how our perception is rubbish.
Farting around with dots and rings just isn't going to get you on the news.
There are tons of static optical illusions which even when you know how they work, still work. This is probably a dynamic optical illusion.
Perhaps we both ought to do some reading so we can say something usefull. At least, you ought to read up on it seeing as its in your field!
Cheers
Jon
No no - in English, being blown off is a sign of endearment and rather pleasurable (for a man).
Its something that probably doesn't often happen with members of the opposite sex for /.s 8)
I think you have put it very well.
If someone wants to sound off on t'interwebs then surely they must do so within libel laws.
So in the case of the Bridezilla, if it was that important to a potential plaintiff, then a sub note to those postings noting a finding of libel would be the fair approach.
Publish and be damned - if you are a Twatter, /.er or whatever, there is a good chance that your First Amendment protected free speech can also be looked at from a libel perspective.
Now this simply raises the question that as it is much easier to "publish" to a potentially huge audience nowadays, should it also not also be simpler to sue for libel?
Then throw in multiple jurisdictions 'n' sets of laws to make it all properly complicated. For example, I couldn't give a monkeys about a First Amendment set of rights - there isn't one in the UKoGB!
So, 4,6,7 and 8 would seem to apply. That should give the lawyers plenty to play with.
The linked article mentions only that the law requires that data be held encrypted. That is not much use in this case where a SQL attack was used.
Does anyone know whether the law requires a certain standard for the front ends to the data. I'm pretty sure that PCI DSS - as another applicable standard - defines no such thing either.
I'd love to see how you would create a double blind trial on this
I have to agree with you in part. I live in the UKoGB.
I hate driving along the M42 which runs east/west, south of Birmingham (Staffordshire, not Alabama!) it must be the most filmed piece of road in the world. There are surveillance cameras around every half a mile or less. It feels like someone is staring at you all the time. Our town centres are full of cameras but they is not quite so in your face as the M42 unless you look up.
However, a saying involving glass houses and stones comes to mind.
If you wish to claim some form of superiority in the media freedom stakes then I have to paraphrase a few comments made by my future daughter in law who comes from Florida:
- Your TV is so much less restricted than ours
- We would never get swearing or nudity like that on our TV
We are not more uptight about sex than the USoA. This is about internet porn having the brown paper wrapper put over it, which is what happens to girlie mags nowadays. In the past they used to be merely put on the top shelf.
I am uneasy about any form of censorship but perhaps the media on the internet has to be treated like any other media distribution channel. Here our govt is attempting to do the right thing.
Yes it is a "wont someone think of the children" job but it seems nearly the correct approach.
Unfortunately unlike buying a copy of Penthouse (porn) in WH Smiths (news agents), the fact that you have opted in to online porn will be recorded somewhere and some of our other rather amusing laws (RIPA et al) can be used to get at that information.
THAT IS THE REAL PROBLEM.
My ISP (AAISP) actively encourage IPv4 address exhaustion AFAICT.
They gave me a /29 + a /32 for my router for home use and probably would have given me more if I'd asked. At work I asked for a /28 and got a /27.
They also give out a /48 IPv6 subnet to all customers and instructions for use. They can do IPv6 over PPPoA (this is the UKoGB) natively and provide a IPv6 to 4 tunnel broker for those that need it.
Have a look at your Spam Assassin headers and see that quite a lot of marks are not related to IP address. I have found DNSBLs handy up to now but I think I'll accept that as these lose their efficiency during IP version handover my spamds and MTAs will get a bit more of a battering for a while.
Never mind processing power is pretty cheap.
I have a customer with around 16 million unique IPs trying to get in each week - a spambot net of some sort (Russian and Chinese IP feature a lot). An Exim process is being spawned for each connection along with a spamd and possibly clamd session. The box is a dinky Dell single processor server and it barely breaks a sweat.
Cheers
Jon
Are you seriously telling me (us) that your Uni doesn't check outgoing as well as incoming mail? At the very least, pass it through ClamAV.
I hope your IT staff don't teach "mail relaying 101"
You *do* check incoming mail, don't you?
Cheers
Jon
There's always pfSense as an alternative to m0n0wall. I run many of those under VMWare.
I chose it for its easy multi external link capabilities, after I gave up on Linux for this and was pleasantly surprised by its ease of use, stability and huge range of features.
It is nearly bullet proof as I discovered when one of a customer's VMFS died. All the other VMs fell over immediately but the pfSense router carried on running without its "hard disc" for two days before I replaced it. Internet access downtime was 2 seconds as I cut it over. Admittedly the web interface vanished but the routing, VPNs, firewall etc carried on running.
As to OWL, its a Linux distro so it will have no problems with being a VM - that's the whole point of virtualization. You might have to select "Linux other (64 bit)" but my many Gentoo's run happily like that
Why on earth should the devs even think about VMWare, HyperV, KVM or whatever - that's your job! Apart from considering making the guest tools pre-packaged what should they be doing? I doubt they care whether you spec your boxen from Dell. HP, IBM or PC World so why should they care whether it is physical or VM?
As to asking about RAM requirements - I'd suggest (without even having looked at it) >=256Mb depending what you do with it. I've no doubt that fact is covered on their web site. If you are using ESXi and not just playing on your home PC then the answer would probably be "who cares, RAM is cheap as chips"
Go on - try it, I might even do the same.
Cheers
Jon
PS You have a 5 digit /.ID. Have you been moonlighting on other OSs for the last 10 years, asking such questions 8)
It sounds good but it only addresses one security aspect of a system. It runs on top of Java which I seem to recall is blessed with a few bugs - how do they avoid those including all the ones that will appear in future versions.
Then the Java stack sits on top of a OS and that is a massive "attack surface" or whatever is the current bullshit from the consultants (OK that includes me)
Then the OS sits on top of some sort of hardware with its own built in software (BIOS etc) problems.
Then the machine itself has a physical presence which can be subverted in amusing ways.
Then we have the users/devs/sysadmins that constitute another weak link.
Sounds a good idea though and the approach might be made to work down through the system. Perhaps it could be called Trusted Computing or something and would clearly need fronting by a consortium consisting of: AMD/Intel, Dell/HP/IBM,MS and Oracle - the fun loving group we can all trust to "Just Do It Right" (TM).
>>will be available on a total of five devices in the US
Surely they can aim a little higher than five devices. I've got 14 staff, that's one between three.
I'll have it on Mon, Tue and Wed, you can have it Thu and Fri. Then you can have it for the weekend.
The rest of you sort yourselves out.
Oh, that's right we got bored waiting for it and are quite happy with these shiny HTC things.